VMware ESXi (6.7, 6.5, 6.0), Workstation (15.x and 14.x) and Fusion (11.x and 10.x) contain a denial-of-service vulnerability due to an infinite loop in a 3D-rendering shader. Successfully exploiting this issue may allow an attacker with normal user privileges in the guest to make the VM unresponsive, and in some cases, possibly result other VMs on the host or the host itself becoming unresponsive.

Related CVEs

CVE-2018-6977

Key Information

GHSA ID

GHSA-29m2-93j9-hrcp

Published

May 13, 2022 1:53 AM

Last Modified

May 13, 2022 1:53 AM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: September 19, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.